<?php
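// Refuse direct requests: the file only runs when IN_D_ADMIN is already defined
// (presumably by the admin entry point that includes it - confirm).
if (!defined('IN_D_ADMIN')) die("Error 404");

// Base URLs reused by the redirects and links in the mode handlers below.
$edit_url = 'index.php?act=tpl&mode=edit';
$edit_tpl='index.php?act=tpl&mode=edit_tpl';

// Template id from the query string. It is later placed into SQL statements (in the
// delete handler without quotes), so only a non-empty string of ASCII digits is accepted;
// is_numeric() would also let through floats, exponents, signs and surrounding whitespace.
// Anything else, including "0" and array input, yields ''.
$tpl_id = '';
if (!empty($_GET['tpl_id']) && is_string($_GET['tpl_id']) && ctype_digit($_GET['tpl_id'])) {
	$tpl_id = $_GET['tpl_id'];
}

// Field map handed to $form (checkForm / createSQL / createForm):
//   'table' - column of the <prefix>tpl table (used to index fetched rows in edit mode)
//   'name'  - label text taken from $lang_acp
//   'type'  - 'free' or 'number'; presumably the validation rule applied by $form - confirm
$inp_arr = array(
		'name'	=> array(
			'table'	=>	'tpl_fname',
			'name'	=>	$lang_acp['tpl_name'],
			'type'	=>	'free'
		),
		'folder_name'	=> array(
			'table'	=>	'tpl_foldername',
			'name'	=>	$lang_acp['tpl_foldername'],
			'type'	=>	'free'
		),
		'order'	=> array(
			'table'	=>	'tpl_order',
			'name'	=>	$lang_acp['order'],
			'type'	=>	'number'
		),
	);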
##################################################
# ADD
##################################################
// ADD mode: on submit, validate the posted fields and insert a row into <prefix>tpl;
// otherwise (or when validation fails) render the add form with any warnings.
if ($mode == 'add') {
	$error_arr = array();
	acp_check_permission('add_template');
	if (!empty($_POST['submit'])) {
		$error_arr = $form->checkForm($inp_arr);
		if (empty($error_arr)) {
			$sql = $form->createSQL(array('INSERT',$conf['prefix'].'tpl'),$inp_arr);
			// NOTE(review): the statement text is spliced into a double-quoted PHP string
			// literal and run through eval(), so whatever createSQL() returns is parsed as
			// PHP source, not only as SQL. If request data reaches $sql verbatim, a quote or
			// a "{$...}" sequence in a field is a code-execution risk on top of SQL injection.
			// Presumably createSQL() emits $variable placeholders that eval() interpolates
			// from the current scope - confirm, then replace this with a direct
			// $DB->query() call whose values are escaped or bound by the DB layer.
			eval('$DB->query("'.$sql.'");');
			echo $lang_acp['added']." <meta http-equiv='refresh' content='1;url=$edit_url'>";
			exit();
		}
	}
	// $warn is assigned here but not read inside this block.
	$warn = $form->getWarnString($error_arr);

	$form->createForm($lang_acp['add_tpl'],$inp_arr,$error_arr);
}
##################################################
# EDIT
##################################################
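// EDIT mode.
//   Without a template id: list all templates and, on submit of the list form,
//   store the new display order of each row.
//   With a template id: load the row into the edit form, or validate and save it.
if ($mode == 'edit') {
	$error_arr = array();
	acp_check_permission('edit_template');
	if (!$tpl_id) {
		if (!empty($_POST['sbm'])) {
			// The list form posts one field per template, named "o<tpl_id>", holding its
			// order. Field names and values are client-controlled, so the id is taken only
			// from names matching that exact pattern and both numbers are cast to int
			// before they are placed in the statement. The previous loop used the n-th
			// POST key and a variable named after it (split() is gone since PHP 7, and the
			// variable only existed with register_globals-style imports), which let a
			// crafted field name or value reach the SQL text unchanged.
			foreach ($_POST as $field => $value) {
				if (!is_scalar($value) || !preg_match('/^o([0-9]+)$/', (string)$field, $m)) {
					continue;
				}
				$id = (int)$m[1];
				$ord = (int)$value;
				$DB->query("UPDATE ".$conf['prefix']."tpl SET tpl_order = '$ord' WHERE tpl_id = '".$id."'");
			}
		}
		// Delete links go through a JS confirm and then to mode=del, which asks again via POST.
		echo "<script>function check_del(id) {".
		"if (confirm('{$lang_acp['ask_u_del']} ?')) location='?act=tpl&mode=del&tpl_id='+id;".
		"return false;}</script>";
		echo "<table width=90% align=center cellpadding=2 cellspacing=0 class=border><form method=post>";
		echo "<tr><td align=center class=title width=5%>{$lang_acp['order']}</td><td class=title style='border-right:0'>{$lang_acp['tpl_name']}</td></tr>";
		$q = $DB->query("SELECT * FROM ".$conf['prefix']."tpl ORDER BY tpl_order ASC");
		// NOTE(review): row values (tpl_fname, tpl_order) are echoed without HTML escaping;
		// whether they are entity-encoded when stored is not visible here - confirm.
		// $link is not defined in this file section.
		while ($r = $DB->fetch_row($q)) {
			echo "<tr><td align=center class=fr><input onclick=this.select() type=text name='o".$r['tpl_id']."' value=".$r['tpl_order']." size=2 style='text-align:center'></td><td class=fr_2><a href=# onclick=check_del(".$r['tpl_id'].")>{$lang_acp['del']}</a> - <a href=?act=tpl&mode=set_default&tpl_id=".$r['tpl_id'].">{$lang_acp['default']}</a> - <a href='$link&tpl_id=".$r['tpl_id']."'><b>".$r['tpl_fname']."</b></a> - <a href='$edit_tpl&tpl_id=".$r['tpl_id']."'>{$lang_acp['tpl_option']}</a> - <a href='index.php?act=tpl&mode=add_tpl&tpl_id=".$r['tpl_id']."'>{$lang_acp['tpl_add_skin']}</a> - <a href='index.php?act=tpl&mode=clear_cache&tpl_id=".$r['tpl_id']."'>Clear Cache</a></td></tr>";
		}
		echo '<tr><td colspan="2" align="center"><input type="submit" name="sbm" class=submit value="'.$lang_acp['edit_order'].'"></td></tr>';
		echo '</form></table>';
	}
	else {
		if (empty($_POST['submit'])) {
			// First display: copy each column of the stored row into a variable named
			// after the form field ($name, $folder_name, $order), presumably so that
			// createForm() can prefill the inputs - confirm.
			$q = $DB->query("SELECT * FROM ".$conf['prefix']."tpl WHERE tpl_id = '$tpl_id'");
			$r = $DB->fetch_row($q);
			foreach ($inp_arr as $key=>$arr) $$key = $r[$arr['table']];
		}
		else {
			$error_arr = $form->checkForm($inp_arr);
			if (empty($error_arr)) {
				$sql = $form->createSQL(array('UPDATE',$conf['prefix'].'tpl','tpl_id','tpl_id'),$inp_arr);
				// NOTE(review): eval() parses the generated statement as PHP source. If
				// request data reaches $sql verbatim this is a code-execution risk as well
				// as SQL injection. Presumably createSQL() emits $variable placeholders
				// that eval() interpolates - confirm, then switch to a direct $DB->query()
				// call with values escaped or bound by the DB layer.
				eval('$DB->query("'.$sql.'");');
				echo $lang_acp['edited']." <meta http-equiv='refresh' content='1;url=".$edit_url."'>";
				exit();
			}
		}
		// $warn is assigned here but not read inside this block.
		$warn = $form->getWarnString($error_arr);
		$form->createForm($lang_acp['edit_tpl'],$inp_arr,$error_arr);
	}
}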
// SET DEFAULT mode: record the given template id as the 'default_tpl' config value.
// NOTE(review): the template listing links here with a plain GET and no anti-CSRF token
// is checked in this block, so the change can be triggered by any page the logged-in
// admin visits - consider requiring POST plus a token.
if ($mode == 'set_default' && is_numeric($tpl_id)) {
	acp_check_permission('edit_template');
	$updated = $DB->query(sprintf(
		"UPDATE %sconfig SET config_value = '%s' WHERE config_name = 'default_tpl'",
		$conf['prefix'],
		$tpl_id
	));
	if ($updated) {
		echo "{$lang_acp['edited']} <meta http-equiv='refresh' content='1;url={$edit_url}'>";
	} else {
		echo $lang_acp['error'];
	}
}
##################################################
# DELETE
##################################################
// DELETE mode: show a confirmation form for the given template id and, once that form
// is posted, remove the template row together with its skin rows.
// NOTE(review): the confirmation POST carries no anti-CSRF token in this block.
if ($mode == 'del') {
	acp_check_permission('del_template');
	if ($tpl_id) {
		$confirmed = !empty($_POST['submit']) && is_numeric($tpl_id) && $act=='tpl' && $mode == 'del';
		if ($confirmed) {
			// $tpl_id goes into both statements unquoted; the is_numeric() test above is
			// the only thing keeping it a number.
			foreach (array('tpl' => 'tpl_id', 'skin' => 'skin_tpl') as $table => $column) {
				$DB->query("DELETE FROM ".$conf['prefix'].$table." WHERE ".$column." = $tpl_id");
			}
				//$DB->query("DROP TABLE ".$conf['prefix']."skin_".$tpl_id);
			echo "{$lang_acp['deleted']} <meta http-equiv='refresh' content='1;url={$edit_url}'>";
			exit();
		}
		?>
		<form method="post">
		<?php echo $lang_acp['ask_u_del']?> ??????<br>
		<input value="<?php echo $lang_acp['yes']?>" name=submit type=submit class=submit>
		</form>
<?php
	}
}

##################################################
# ADD TEMPLATE
##################################################

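// ADD TEMPLATE mode: show a form for a new skin entry (name + HTML) of one template
// and insert it into <prefix>skin when the form is posted.
if($mode=='add_tpl'){
acp_check_permission('add_template');
// The id is re-read from the query string here, so it is validated here as well:
// only a string of ASCII digits may reach the SELECT and the hidden form field below.
$tpl_id = (isset($_GET['tpl_id']) && is_string($_GET['tpl_id']) && ctype_digit($_GET['tpl_id'])) ? $_GET['tpl_id'] : '';
	if (!empty($_POST['submit'])) {
		// The posted template id ends up in the INSERT and in the redirect URL, so it
		// gets the same digits-only rule; anything else is refused.
		$id = (isset($_POST['id']) && is_string($_POST['id']) && ctype_digit($_POST['id'])) ? $_POST['id'] : '';
		if ($id === '') {
			echo $lang_acp['error'];
			exit();
		}
		$r_html_name=trim($_POST['html_name']);
		$r_html=$func->htmlchars(stripslashes($_POST['html']));
		// NOTE(review): $r_html_name is only trimmed and $r_html only passes through
		// $func->htmlchars(), whose handling of quotes and backslashes is not visible here.
		// Both are placed inside quoted SQL literals; the stripslashes() call suggests the
		// code counts on magic quotes, which later PHP versions no longer apply. Escape
		// both with the DB layer's own routine or use a prepared statement - the API
		// $DB offers for that is not shown in this file section.
		$DB->query("INSERT INTO ".$conf['prefix']."skin VALUES('','{$id}','{$r_html_name}','{$r_html}')");		
		echo $lang_acp['added']." <meta http-equiv='refresh' content='1;url={$edit_tpl}&tpl_id={$id}'>";
		exit();
	}
?>
<form method="post">
<table class="border" cellpadding="2" cellspacing="0" width="98%">
<tbody>
<?php
	// NOTE(review): tpl_fname is printed below without HTML escaping - confirm whether
	// it is stored entity-encoded.
	$sql=$DB->query("SELECT tpl_fname FROM ".$conf['prefix']."tpl WHERE tpl_id='{$tpl_id}'");
	$tpl=$DB->fetch_row($sql);
?>
<tr>
<td colspan="2" class="title" align="center"><?php echo $lang_acp['tpl_option']?> : <?php echo $tpl['tpl_fname']?></td>
</tr>
<tr>
<td class="fr" width="10%"><b><?php echo $lang_acp['name']?></b></td><td class="fr_2"><input name="html_name" type="text" /></td>
</tr>
<tr>
<td class="fr" width="10%"><b><?php echo $lang_acp['html']?></b></td><td class="fr_2"><textarea rows="30" cols="100" name="html"></textarea></td>
</tr>
<input type="hidden" name="id" value="<?php echo $tpl_id?>" />
<tr>
<td class="fr" colspan="2" align="center"><input name="submit" class="submit" value="Add" type="submit"></td>
</tr>
</tbody>
</table>
</form>
<?php
}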
##################################################
# EDIT TEMPLATE
##################################################

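// EDIT TEMPLATE mode, four paths:
//   1. POST submit_skin            - save the edited skin rows
//   2. POST do + option 'del'      - delete the ticked skin rows
//   3. POST do + option 'edit', or GET skin_id - show the edit form for those rows
//   4. otherwise                   - list the skin rows of the template
if($mode=='edit_tpl'){
// NOTE(review): the gate for this whole mode, including the save path, asks for
// 'add_template'; only the listing path asks for 'edit_template'. This looks like a
// copy from the add_tpl handler - confirm which permission is intended.
acp_check_permission('add_template');
// The id is re-read from the query string here, so it is validated here as well:
// only a string of ASCII digits may reach the SQL and HTML below.
$tpl_id = (isset($_GET['tpl_id']) && is_string($_GET['tpl_id']) && ctype_digit($_GET['tpl_id'])) ? $_GET['tpl_id'] : '';
	if (!empty($_POST['submit_skin'])) {
		// Posted template id: digits only, since it goes into SQL and the redirect URL.
		$id = (isset($_POST['id']) && is_string($_POST['id']) && ctype_digit($_POST['id'])) ? $_POST['id'] : '';
		if ($id === '') {
			echo $lang_acp['error'];
			exit();
		}
		$html_ids = (isset($_POST['html_id']) && is_array($_POST['html_id'])) ? $_POST['html_id'] : array();
		// num_row is client-supplied; cap it by the number of rows actually posted so a
		// large value cannot drive an arbitrarily long loop.
		$num_row = isset($_POST['num_row']) ? min((int)$_POST['num_row'], count($html_ids)) : 0;
		for($i=1;$i<=$num_row;$i++){
			// Skip incomplete rows and rows whose skin id is not a plain number.
			if (!isset($html_ids[$i], $_POST['html_name'][$i], $_POST['html'][$i])) continue;
			if (!is_string($html_ids[$i]) || !ctype_digit($html_ids[$i])) continue;
			if (!is_string($_POST['html_name'][$i]) || !is_string($_POST['html'][$i])) continue;
			$r_id=$html_ids[$i];
			$r_html_name=trim($_POST['html_name'][$i]);
			$r_html=$func->htmlchars(stripslashes($_POST['html'][$i]));	
			// NOTE(review): $r_html_name is only trimmed and $r_html only passes through
			// $func->htmlchars(), whose quote handling is not visible here; both sit inside
			// quoted SQL literals. Escape them with the DB layer's own routine or bind them
			// in a prepared statement - the API $DB offers for that is not shown here.
			$DB->query("UPDATE ".$conf['prefix']."skin SET skin_value='{$r_html}', skin_name='{$r_html_name}' WHERE skin_id='{$r_id}' AND skin_tpl='{$id}'");		
		}
		echo $lang_acp['edited']." <meta http-equiv='refresh' content='1;url={$edit_tpl}&tpl_id={$id}'>";
		exit();
	}
	
	elseif(!empty($_POST['do']) || !empty($_GET['skin_id'])){
		// Ticked skin ids, reduced to integers before they are joined into an IN (...) list.
		// With nothing valid selected the list is NULL, which matches no row and keeps the
		// statement well-formed.
		$arr = array();
		if (!empty($_POST['checkbox']) && is_array($_POST['checkbox'])) {
			foreach ($_POST['checkbox'] as $picked) {
				if (is_string($picked) && ctype_digit($picked)) $arr[] = (int)$picked;
			}
		}
		$in_sql = empty($arr) ? 'NULL' : implode(',',$arr);
		// The action chosen in the list form. The former test,
		// !empty($_POST['selected_option']) == 'del', compared a boolean with a non-empty
		// string and was therefore true for ANY chosen option, so picking "edit" ran the
		// delete. Compare the posted value itself.
		$selected_option = (isset($_POST['selected_option']) && is_string($_POST['selected_option'])) ? $_POST['selected_option'] : '';
		if ($selected_option === 'del') {
			acp_check_permission('del_template');
			$s_id = (isset($_POST['tpldata_id']) && is_string($_POST['tpldata_id']) && ctype_digit($_POST['tpldata_id'])) ? $_POST['tpldata_id'] : '';
			$DB->query("DELETE FROM ".$conf['prefix']."skin WHERE skin_tpl='{$s_id}' AND skin_id IN (".$in_sql.")");
			echo $lang_acp['deleted']." <meta http-equiv='refresh' content='1;url={$edit_tpl}&tpl_id={$s_id}'>";
		}
	
		elseif($selected_option === 'edit' || !empty($_GET['skin_id'])) {
				// Template id: the validated query-string value, else the posted one.
				$dataskin_id = $tpl_id;
				if ($dataskin_id === '' && isset($_POST['tpldata_id']) && is_string($_POST['tpldata_id']) && ctype_digit($_POST['tpldata_id']))
				$dataskin_id=$_POST['tpldata_id'];
				$skin_id = (isset($_GET['skin_id']) && is_string($_GET['skin_id']) && ctype_digit($_GET['skin_id'])) ? $_GET['skin_id'] : '';
				if(!empty($_GET['skin_id']))
				$j_skin=$DB->query("SELECT * FROM ".$conf['prefix']."skin WHERE skin_id='{$skin_id}' AND skin_tpl='{$dataskin_id}'");
				else{
				$j_skin=$DB->query("SELECT * FROM ".$conf['prefix']."skin WHERE skin_tpl='{$dataskin_id}' AND skin_id IN (".$in_sql.")");
				}
?>
<form method="post">
<table class="border" cellpadding="2" cellspacing="0" width="98%">
<tbody>
<?php
	// NOTE(review): tpl_fname, skin_name and skin_value are printed below without HTML
	// escaping; skin_name is stored as posted (trim only), so a quote in it breaks out of
	// the value attribute. Confirm how skin_value is stored before adding output encoding.
	$sql=$DB->query("SELECT tpl_fname FROM ".$conf['prefix']."tpl WHERE tpl_id='{$dataskin_id}'");
	$tpl=$DB->fetch_row($sql);
?>
<tr>
<td colspan="2" class="title" align="center"><?php echo $lang_acp['tpl_option']?> : <?php echo $tpl['tpl_fname']?></td>
</tr>
<?php
			// Rows are numbered from 1; the save path reads html_id/html_name/html by that index.
			$i=0;
			while($rj=$DB->fetch_row($j_skin)){
			$i++;
?>
<input type="hidden" name="html_id[<?php echo $i?>]" value="<?php echo $rj['skin_id']?>" />
<tr>
<td class="fr" width="10%"><b><?php echo $lang_acp['name']?></b></td><td class="fr_2"><input name="html_name[<?php echo $i?>]" type="text"  value="<?php echo $rj['skin_name']?>"/></td>
</tr>
<tr>
<td class="fr" width="10%"><b><?php echo $lang_acp['html']?></b></td><td class="fr_2"><textarea rows="30" cols="100" name="html[<?php echo $i?>]"><?php echo $rj['skin_value']?></textarea></td>
</tr>
<?php
			}
?>
<input type="hidden" name="id" value="<?php echo $dataskin_id?>" />
<input type="hidden" name="num_row" value="<?php echo $i?>" />
<tr>
<td class="fr" colspan="2" align="center"><input name="submit_skin" class="submit" value="Submit" type="submit"></td>
</tr>
</tbody>
</table>
</form>			
<?php				
		}
	}
	else{
		acp_check_permission('edit_template');
		
		// Listing path: one checkbox row per skin entry of the template, plus a
		// select-all toggle and an edit/delete action selector.
		$q = $DB->query("SELECT * FROM ".$conf['prefix']."skin WHERE skin_tpl='{$tpl_id}' ORDER BY skin_name");
		$tt = $DB->num_rows($q);
		if ($tt) {
				echo "<script>function docheckall(){
		   for ( i=0;i < document.skin_list.elements.length ; i++ ){
				 if ( document.skin_list.chkall.checked==true ){
					  document.skin_list.elements[i].checked = true;
				 } else {
					  document.skin_list.elements[i].checked  = false;
				 }
		   }
  }</script>";
			
			// $link is not defined in this file section.
			echo "<table width=90% align=center cellpadding=2 cellspacing=0 class=border><form name=skin_list method=post action=$link >";
			echo "<tr align=center><td width=3%><input class=checkbox type=checkbox name=chkall id=chkall onclick=docheckall() value=checkall></td><td class=title width=60%>{$lang_acp['tpl_option']}</td></tr>";
			while ($r = $DB->fetch_row($q)) {
				echo "<tr><td><input class=checkbox type=checkbox id=checkbox name=checkbox[] value=".$r['skin_id']."></td><td class=fr><b><a href=?act=tpl&mode=edit_tpl&tpl_id={$tpl_id}&skin_id=".$r['skin_id'].">".$r['skin_name']."</a></b></td></tr>";
			}
			echo '<tr><td colspan=3 align="center">'.$lang_acp['with_skin_selected'].' : '.
				'<select name=selected_option><option value=edit>'.$lang_acp['edit'].'</option><option value=del>'.$lang_acp['del'].'</option></select>'.
				'<input type="hidden" name="tpldata_id" value="'.$tpl_id.'"><input type="submit" name="do" class=submit value="'.$lang_acp['do'].'"></td></tr>';
			echo '</form></table>';
		}
		else echo $lang_acp['not_exist_skin'];
	}

}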
##################################################
# CLEAR CACHES
##################################################
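// CLEAR CACHES mode: after a yes/no confirmation, delete every file in the template's
// tpl_cache directory and then remove the directory itself.
if($mode=="clear_cache"){
	// Every other mode in this file checks a permission first; this one did not. The
	// only link to it sits in the edit listing, so the same permission is required here.
	// Adjust if a dedicated cache permission exists.
	acp_check_permission('edit_template');
	if(empty($_POST['sb_clear']))
	echo "<form method='post'>Bạn có muốn xóa cache của skin này<br><input type='radio' name='clear_yes' value='yes'> Yes&nbsp;<input type='radio' name='clear_no' value='no'> No<br><input type='submit' value='Submit' name='sb_clear'></form>";
	else{
	
		if(!empty($_POST['clear_yes'])){
			// The id used to be appended to the SELECT unquoted and unvalidated, straight
			// from the query string. Accept digits only and pass an integer.
			$clear_id = (isset($_GET['tpl_id']) && is_string($_GET['tpl_id']) && ctype_digit($_GET['tpl_id'])) ? (int)$_GET['tpl_id'] : 0;
			$temp = false;
			if ($clear_id > 0) {
				$sql_tpl=$DB->query("SELECT tpl_foldername FROM {$conf['prefix']}tpl WHERE tpl_id=".$clear_id);
				$temp=$DB->fetch_row($sql_tpl);
			}
			$folder = isset($temp["tpl_foldername"]) ? (string)$temp["tpl_foldername"] : '';
			// The folder name is free-text admin input and becomes part of a path whose
			// contents are deleted, so an unknown template or a name containing ".." is
			// refused rather than resolved.
			if ($folder === '' || strpos($folder, '..') !== false) {
				echo $lang_acp['error'];
			}
			else {
				$dir_cache_tpl="../templates/".$folder."/tpl_cache";
				// Previously $dir_handle stayed undefined when the directory was missing.
				$dir_handle = is_dir($dir_cache_tpl) ? opendir($dir_cache_tpl) : false;
				if (!$dir_handle)
					return false;
				// Compare against false explicitly so an entry named "0" does not end the loop.
				while(($file = readdir($dir_handle)) !== false) {
					if ($file != "." && $file != "..")
						unlink($dir_cache_tpl."/".$file);
				}
				closedir($dir_handle);
				rmdir($dir_cache_tpl);
				echo $lang_acp['deleted']." <meta http-equiv='refresh' content='1;url=$edit_url'>";
			}
		}
		else
			echo "<meta http-equiv='refresh' content='1;url=$edit_url'>";
	
	}
}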
?>